Evela is a personal finance app that helps you track your money by hand or by voice. Your data stays yours — we never connect to your bank, and we collect as little as possible. This policy explains what we collect, why, where it lives, and how you stay in control.
“Evela” (“we”, “us”, “our”) provides the Evela mobile app and the website at evela.ai. If you have any question about this policy or your data, email us at hello@evela.ai.
Evela is manual-first: you enter your finances yourself, by typing or by voice. We do not link to your bank accounts, cards, or any open-banking service, so we never see your real bank logins, statements, or card numbers.
You sign in with Google or Apple. We do not run passwords of our own. From your sign-in we receive and store your email address and a provider user ID. (If you use “Sign in with Apple” and choose to hide your email, we only ever see Apple’s private relay address.) Authentication is handled by our infrastructure provider, Supabase.
This is the core content of the app, all entered by you:
Balances are calculated on the fly and are not stored as such. We do not receive any of this from third parties — it only exists because you typed or dictated it.
A minimal profile: your base/display currency and whether you finished onboarding. We do not collect your name, photo, phone number, postal address, or date of birth.
When you tap to add an entry by voice, the app records a short audio clip and sends it to our server, which forwards it to our speech-to-text provider for transcription. The audio is used only for that transcription and is then deleted — we do not store your voice recordings.
We collect anonymous product-usage events — which screens you open, which actions you take, counts, and coarse buckets — to understand how the app is used and improve it. These events never include your amounts, notes, account names, or identity, and are not linked to your account. You can turn analytics off at any time in Settings.
If the app or our server hits an error, a diagnostic report (such as a stack trace) is sent to our error-monitoring provider so we can fix it. Personal and financial fields are stripped out before sending, and reports are not tied to your identity.
If you buy a subscription, the purchase is processed by the app store (Apple or Google) and our subscriptions provider, RevenueCat. We receive only whether a subscription (entitlement) is active — never your card details. We never see or store payment card numbers.
A database encryption key, your session tokens, and — if you set one — your app-lock PIN (stored only as a salted, hashed value) are kept in your device’s secure store (iOS Keychain / Android Keystore). These stay on your device and are not sent to us.
We do not sell your personal data, and we do not use your financial data for advertising.
Some features use automated processing to save you time:
We do not store the text you send or the AI’s response. Only technical usage metadata (for example, token counts and cost, linked to your account for quota purposes) is logged — never the content of your entries.
Your account and financial data are stored in our cloud database (Supabase) in the European Union (Frankfurt, Germany). Our backend server (Railway) runs in the EU (Amsterdam, Netherlands), and error diagnostics (Sentry) are stored in the EU (Germany). Anonymous product analytics (PostHog) are processed in the United States. Our AI and speech providers process your entries transiently on their infrastructure, which may be in the United States or other countries.
This means your data may be processed in countries other than the one you live in. Wherever it goes, it is protected by the security measures described in this policy and by our agreements with each provider.
Depending on where you live (for example, under the EU/UK GDPR or similar laws), you may also have the right to access, correct, delete, export, or restrict the processing of your personal data, and to object to certain processing. To exercise any of these, email hello@evela.ai and we’ll help. You also have the right to complain to your local data-protection authority.
You can permanently delete your account and data yourself: open Settings → Delete account and data and confirm. This cannot be undone. It removes your accounts, transactions, categories, tags, reconciliation entries, profile, subscription records, and AI usage logs from our live database, and clears all Evela data from your device. As noted above, residual copies may remain in encrypted backups for a short period before expiring. Shared reference data that isn’t personal to you (such as public currency rates) is not affected.
No system is perfectly secure, but we work to protect your data using industry-standard measures.
Evela is not directed to children and is intended for adults. You must be at least 18 years old (or the age of majority where you live) to use Evela. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact hello@evela.ai and we will delete it.
We may update this policy from time to time. When we do, we’ll change the “Last updated” date above, and for significant changes we’ll let you know in the app. Continued use of Evela after an update means you accept the revised policy.
Questions, requests, or concerns about your privacy? Email hello@evela.ai.